<?php

include __DIR__ . '/../../inc/conn.php';
include __DIR__ . '/../../inc/checkSesion.php';


$opwd = md5(trim($_POST['opwd']));
$npwd = trim($_POST['npwd']);
$npwds = trim($_POST['npwds']);

$returnJson = [
    'code' => 0,
    'message' => ''
];


if ($npwd != $npwds) {
    $returnJson['code'] = 501;
    $returnJson['message'] = '提示：确认密码不一致';
    echo json_encode($returnJson);
    die();
}


$sql = "SELECT userpasswd FROM blog_admin_user WHERE username='".$_SESSION['username']."' ";
$res = mysqli_query($conn, $sql);

$rwt=mysqli_fetch_array($res);

if ($opwd != $rwt['userpasswd']) {
    $returnJson['code'] = 502;
    $returnJson['message'] = '提示：原始密码错误';
    echo json_encode($returnJson);
    die();
}


$sqlUpdata = "UPDATE blog_admin_user SET userpasswd='".md5($npwd)."' WHERE username='".$_SESSION['username']."'  ";
$resUpodate = mysqli_query($conn, $sqlUpdata);
if (!$resUpodate) {
    $returnJson['code'] = 503;
    $returnJson['message'] = '提示：密码修改失败';
    echo json_encode($returnJson);
    die();
}

$returnJson['code'] = 200;
$returnJson['message'] = '提示：密码修改成功';
echo json_encode($returnJson);